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ABSTRACT 



A system for enciphering or decipheiing wherein bit 
patterns in a binary number notation of a plurality of 
elements, which an irreducible polynomial in the Galois 
field GF (20 has, are stored in registers arranged in a 
certain correspondence with the bit positions of input 
data or messages, as random numbers for an encryption 
key or decryption key. The bit patterns retained in the 
registers corresponding to the digit of bit "1" in the 
input data are subjected to a mod 2 addition operation 
independently for each digit of the random numbers, to 
thereby obtain encipher or decipher data corresponding 
to the input data. The elements to be used for the enci- 
pher and decipher keys have a specific relationship 
therebetween in conformity with the periodical charac- 
teristic of the elements the irreducible polynomial has. 

3 Qaims, 4 Drawing Sheets 
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SYSTEM FOR ENCIPHERING OR DECIPHERING 
DATA 

BACKGROUND OF THE INVENTION 5 

(1) Field of the Invention 

The present invention relates to a system for enci- 
phering or deciphering data, and more particularly to a 
system for enciphering or deciphering data or messages 
by multiplying them by pseudorandom numbers. 

(2) Description of the Prior Art 

Recently, in an on-line system such as a bank system, 
protection of transmission data through encryption has 
strongly been requested in order to prevent illegal ac- 
cess to the transmission data and its abuse through cfyp- 
toanalysis. Not only the protection for transmission data 
through encryption, but also the protection for fUe data 
within a computer system has also been requested here- 
tofore. 

Of conventional data encryption systems, there are 
known systems in which pseudorandom numbers are 
added to data, as proposed for example in U.S. Pat Nos. 
3,535,642. 3.681,708, 3.691,472, 3.816,764. 3.838,259. 
3,911,216. In these known systems, basically the bit 25 
patterns of transmission data and pseudorandom num- 
bers are added together at each of the corresponding 
bits of the respective data and the resultant bit pattern is 
transmitted as a cipher message. With such system, if 
there is only one terminal for destination of a message, 3Q 
i.e., in case of an end-to-end type communication net- 
work, both sending and receiving terminals may suffice 
only if they have a single common stream of pseudoran- 
dom numbers as a cipher key for enciphering and deci- 
phering. However, if the number of terminals in a com- 35 
munication network increases, then it is necessary to use 
a plurality of particular cipher keys for respective pairs 
of sending and receiving terminals. This results in a 
large number of cipher keys which must be prepared for 
the whole conimunication system. 4Q 

The number of types of cipher keys may be reduced 
by allocating a particular cipher key for each communi- 
cation channel For instance, as shown in FIG. 1. in a 
system where terminals A, B, C, D and E are connected 
to each other via nodes Pi, P2 and P3, the number of 45 
cipher keys necessary for each terminal becomes mini- 
mum on condition that different streams of pseudoran- 
dom numbers Ci to C7 are prepared for respective com- 
munication channels and enciphering and deciphering 
are performed by using as a cipher key Ci for the chan- 50 
nel from A to ?\, Ci for the channel from Pi to P2, C3 
for the channel from Pi to P3 and C4 for the channel 
from P3 to B. However, if the above-noted encryption 
using an independent cipher key for each communica- 
tion channel is employed for an encryption system 55 
where a transmission message and a stream of pseudo- 
random numbers are added together (EXCLUSIVE OR 
operation), there arises a possibility of a cryptoanalysis 
of the message by performing an AND operation, rela- 
tive to the same plain text, of the cipher texts obtained 60 
from a plurality of communication channels. Thus, data 
protection is not sufficient 

Among other encryption systems, also known is an 
American encryption standard system by the Depart- 
ment of Commerce of U.S. Government This system. 65 
however requires complicated circuits in order to per- 
form iterative operations of combinations of substitu- 
tion and transposition processings for the input data. 



SUMMARY OF THE INVENTION 

It is an object of the present invention to provide a 
system which has little risk of cipher data being illegally 
cryptoanalized and is capable of enciphering or deci- 
phering the data with a simple circuit arrangement, 

It is another object of the present mvention to pro- 
vide an enciphering or deciphering system having an 
extremely high degree of freedom in selection and alter- 
ation of cipher keys. 

It is a further object of the present invention to pro- 
vide a system capable of enciphering and deciphering 
data by using the same circuit construction and chang- 
ing only the cipher keys. 

It is a still further object of the present invention to 
provide an enciphering system capable of transposition 
of the bit positions of a cipher text by using a selected 
set of cipher keys. 

In order to achieve the above objects, the system for 
enciphering or deciphering i binary digit data according 
to the present invention comprises: 

first store means for temporarily storing input data to 
be enciphered or deciphered; 

second store means for storing a plurality of streams 
of i binary digit random numbers, each stream corre- 
sponding to each digit of said first store means; and 

output means for outputting a signal as encryption or 
decryption data for said input data, said signal being 
obtained by performing mod 2 addition of the streams 
of random numbers, among a plurality of streams stored 
in said second store means, which correspond to those 
digits of the input data stored in said first store means 
and having "1" bit, said addition being performed inde- 
pendently for each digit of said random numbers. 

A consecutive set of elements is used as said plurality 
of streams of random numbers, the set of elements being 
selected &om the finite number of elements of an irre- 
ducible polynomial f(x) in the Galois field (2'). These 
elements can be expressed m a binary bit pattern when 
they are expressed in a polynomial form and the degree 
of X terms is made to correspond to the binary number 
digit. The enciphering system of the invention utilizes 
the characteristic of an irreducible polynomial and gen- 
erates encryption data by performing a partial product 
operation between the inputted data and random num- 
ber patterns. Also in deciphering, the original data is 
reproduced from a partial product operation between 
the inputted cipher data and random number patterns. 

These and other objects, features, and uses will be- 
come more apparent as the description proceeds, when 
considered with the accompanying drawings. 

BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 is a schematic diagram showing a data com- 
munication network for enciphering and deciphering 
data; 

FIG. 2 is a block diagram showing a schematic con- 
struction of a node in a data communication network; 

FIG. 3 is a table for explaining the principle of enci- 
phering a message according to the present 0180 inven- 
tion; 

FIG. 4 is a table for explaining the principle of deci- 
phering a cipher text according to the present inven- 
tion; 

FIG. 5 is a circuit diagram showing one example of 
enciphering and deciphering circuits according to the 
present invention; 



11/12/2003, EAST 



Version: 1.4.1 



4,797,921 

3 4 

FIG. 6 is a flow chart illustrating a sequence for tained in association with an irreducible polynomial in 

generating random numbers to be used as an encryption the Galois field GF(20. 

key; and An irreducible polynomial in the Galois field GF(20 

FIG. 7 is a flow chart illustrating a sequence for is generally expressed in the form of: 

generating random numbers to be used in a decryption 5 

key. FXx)=aM'+a,'=,i.V-> + . . . +a|.xl+ao (1) 

DESCRIPTION OF THE PREFERRED Any desired element can be identified by perform- 

EMBODIMENT ing a mod fi(x) operation, i.e., by obtaining a remainder 

FIG. 2 is a block diagram schematically showing the 10 through division of X« by f|<x), and expressed by a sum 

construction of the node Pi m the communication net- ^'"^ to x*' as in the following equation where b,'_ i, , . 

work of FIG. 1, The node Pi is provided with a data . , are constants of "T* or "0", 
processor 30 for operation of a data exchange, modems 

20, 20' and 20" between data communication channels X"sib/,,.x'-»+b/-i.]i'-2+. . . +bi.x+bo(mod 

Ci, Q and C5, encipher circuits lOA. lOA' and lOA" 15 ^""^^ ^' 

and decipher circuits lOB, lOB' and lOB". A cipher text „„ j ui 1 ^ ' 1 ■ 

from the data communication chamiel C, reeved at , JA'^,;^ fi?MTS?,ftl'"f T • P^Jy"**."^ 

the modem 20 is deciphered into a plain text at the ^^^^^^ 

decipher circuit lOB, and inputted to the processor 30 f(i)=x*+x+i (3) 
via a signal bus 31. Alternatively, a message to be trans* 20 

mitted on the communication channel Ci is transferred The above polynomial is an irreducible primitive poly- 

via the signal bus 31 to the encipher circuit lOA where nomial having i=6 as the maximum degree of x. As 

it is enciphered into a cipher text and thereafter trans- shown in Table 1. aU of the elements X" expressed in a 

mitted via the modem 20. A stream of random numbers power form can be expressed as a polynomial f,<x) 

used as a cipher key for enciphering and deciphering is 25 fonned of a sum of 1, x, x^, x3, x^ and x^. The number g 

suppUed via a signal line 32 from the processor 30 to the of elements is (2^- 1) since the element of the order 63 

circuits lOA and lOB. Reference numeral 33 denotes a equals the value of X^. 

control signal line for data transmission. The encipher The equation 3 can Idc expressed as a binary number 

circuits lOA' and lOA" and decipher circuits lOB' and of "1000011" by making the term of 6 order x corre- 

lOB" between the data communication channels Czand 30 gpond to the uppermost bit and the term of 0 order x to 

C5 and the processor 30, are constructed similarly to the the lowermost bit. Simiarily, each element of Table 1 

cu-cuits lOA and lOB. can be expressed in a 6 digit binary number. 
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According to the present inventioui in the encipher 
circuits lOA, lOA' and lOA" and decipher circuits lOB, 65 
lOB' and lOB", a cipher key is used which is expressed 
as will be described later in a polynomial form of a set 
of elements selected from a plurality of elements ob- 



According to the present invention, a plurality of 
streams of random numbers are used for an encryption 
key, in which a set of i elements consecutive in power 
number are selected from the elements X<> to X?-' ob- 
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tained in association with the irreducible polynomial sponds to the row 16' of X^*. The random numbers 
and the respective polynomials for the selected ele- corresponding to bit "1" in the cipher text are selected 
ments are expressed in a binary number notation for use as an object of addition operation (mod 2 addition) at 
as an encryption key. Another set of i elements having each bit. The resultant bit pattern D equals the message 
a particular relation with the elements selected in enci- 5 prior to enciphering as shown in a block 4'. 
phenng b also expressed in a binary number notation to it is possible to select any desired dement for an 
use It as the random numbers for a decryption key. encryption key in a single irreducible polynomial and 

Y7^''H""t^'^' Clements X7 to Xi2starting from select accordingly the element X^ for a decryption key 

XJ mdicated by reference Em TaW^ 1 are selected for which corresponds to the element X^. As thepolynomi- 
'^t^.1^"^^P^T^7:J^^^ als of the encryption and decryption keys, another irre. 

K '^llCT' X«=^Sw' ^ ^^T^OUO^' ducible primitive polynomial in\he Galois field GF(20 
Xio="11000"' Xii="10001 1" and X12-**000101" * 5 ^^^P^^' '^^^^^ ^ ^^^^^ the elements 

In the encipher circuit of the invention, thes^ bit ^,^^^,5 ^2/"/^.. polynomial 
patterns are arranged for use as encryption random 15 ^'IVo^t^-^ 'TJ ^ T^,*^'" 
numbers in the order of power as shown in FIG. 3. In X^sufficmg the relation of the equation (6) can be 

enciphering,amessageMofabinarynumbernotationis settmg q=32 The irreducible polynomial 

arranged in such a way that the lowermost bit mO corre- niayoe selected such that the order thereof corresponds 
sponds to the row 11 of X^ and the uppermost bit m^ to ^° ^^^^"^ ^ message to be enciphered, 

the row 16 of X^^. Only those streams of random num- 20 TABLE 2 

bers whose rows correspond with bit ** 1" in the message 
are used as an object of addition operation (mod 2 addi- 
tion) for each bit of the random numbers. Assuming that 
the content of message M is **010101" as shown in FIG. 
3, the random numbers located at the rows 11, 13 and 15 25 
becomes an object to be operated, and a bit pattern 
"1 1 1101" shown in a block 4 becomes a cipher text. 

In the above example, it can be understood that the 
bit pattern **010101" of the message M and "111101" of 
the cipher text respectively correspond to the polyno- 30 
mials of and X59, Therefore, taking E (=7) as the de- 
gree of power of the reference element X' among the 
set of elements used in enciphering, M (= 52) as for X'^, 
and S (=59) as for X^', the above-described encipher- 
ing processing means that the following operation is 33 
performed through a partial product operation. 

^ ™^ no. 5 shows an example of the construction of a 

In the decipher circuit of the mvention, a received <^cuit for performmg the above-described enciphering 
message is deciphered by using a partial product opera- ^ operation. In the figure, reference numberal 1 repre- 
tion similarly to the case of enciphering. In this case, ^""^ ^ memory for storing polynomial bit patterns of 
taking D as the degree of power of a reference element number nototion to be used as random numbers, 

among the set of elements used for a decryption key, the memory 1 is constructed of i shift registers 1/ to U 

deciphering processing can be expressed in the form of: Reference numeral 2 represents an i bit input register to 

45 which a message M is inputted, the content of each bit 
x^.x^sX^ (5) is outputtcd in parallel. Reference numeral 3 denotes an 

operation circuit which includes 2-input AND circuits 
Therefore, from the equations (4) and (5), as the de- 3/ to 3/ corresponding to each bit 2/ to 2i of the register 
gree D of a reference element among the elements se- 2 and an adder 30 for performing a mod 2 addition of 
lected for use as a decryption key, the value which 50 the outputs from the AND circuits. Reference numeral 
meets the following condition can properly be selected. * denotes an i bit output shift register to which an out- 
put of the adder 30 is inputted successively. The shift 
D+E-o (mod q) (6) registers 1/ to 1/ start shifting every time when the mes- 

sage is inputted to the input register 2, and sequentially 
wherein q is the number of elements the irreducible 55 output the bit patterns from the uppermost bits 1// to 1« 
polynomial can take. to the lowermost bits 1// to lit These outpute are re- 

in this example, since .q=63 and E=7, the value D spectively mputted to the AND circuits 3/ to 3/. To the 
sufficing the equation (6) becomes 56. As a result, as the other input terminal of each AND gate 3/ to 3/; each bit 
decryption key forming a counterpart of the encryption output from the input register 2 is applied. Only those 
key obtained from X' to X^^ six elements X^* to X** €0 AND gates corresponding to bit "1" in the message 
starting from a reference X56 indicated by reference D supply each bit signal from the shift registers to the mod 
m Table 1 are used and the corresponding bit patterns 2 adder 30. 

X56="Oinir to X6i="110001" representative of the As a result, if the polynomial bit patterns for i ele- 
respective polynomials become the decryption random ments are previously arranged to be stored in the mem- 
numbers These random numbers are arranged in the 65 ory 1 in such a way that a bit pattern of the polynomial 
order of power and the received cipher text S is ar- 
ranged in such a way that lowermost bit s^ corresponds x^-C/_|.x'-i+, . . Comod fnx)) (7) 
to the row 11' of X^* and the uppermost bit s^ corre- 
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representative of a reference for the encryption key is for encryption can be obtained at block 31 by perform- 
located at the shift register 11, and a bit pattern of the ing division of the i elements expressed in a power form 
polynomial starting from x^by the irreducible polynomial f(x) and 
x^+'-i5 L_i x'-i+ +1q (mod fir (fSi Calculating its remainder. These bit patterns are tern- 
is located at the shift 'register u Ln the operation ^ P?/arily stored at block 32 in the memory . As all of the 
circuit 3 can perform the encryption operation for the i patterns have been prepared, the bit patterns are 
bit input message as described with FIG. 3. The resul- sequentially read from the memory in accordance with 
tant cipher text is sequentially inputted to the output arrangement designation K^of the encryption key. 
register 4. The read-out bit patterns are then transferred to the 
Each shift register 1/to 1/ is constructed such that the registers 1/ to 1/ in the encipher circuit 10 A. The 
output bit is re-entered into the lowermost bit upon above-described transposition in the encryption key can 
every shift operation. Therefore, at the end of encipher- performed in accordance with the arrangement des- 
ing of the message, the contents of each register resume ignation Kf. * 

the initial state, enabling accordingly to perform an FIQ, 7 schematically shows an operation flow for 

encryption operation of the following message. generating decryption random numbers. Bit patterns 

It can be understood by reference to FIGS. 3 and 4 forming the basis of decryption are obtained at block 41 
that the decryption operation of the invention can be by dividmg the i elements starting from x^by the irre- 
performed with the same procedure as that in the en- ducible polynomial f[x). The bit patterns representative 
cryption operation. Thus, the circuit of FIG. 5 per se of the remainders arc temporarily stored at block 42 in 
can be adopted as a decipher circuit By storing bit the memory. As all of the bit patterns have been pre- 
pattems forming a decryption key into the respective pared, the bit streams are read out at block 43 in accor- 
shift registers in the memory 1, and deciphering a cipher dance with the arrangement designation Kd of the de- 
text S inputted to the input register 2, it is possible to cryption key to restore them in the memory (block 44). 
obtom the on^al message at the output register 4. After the end of transposition of the bit streams, at block 

Next, a modification of the present mvention will be 45 the bit patterns corresponding to x^ are sequentially 

t« ^ iF^t. 1 . Y7 A c transfer them sequentially to the shift registers 1/ 

Refemng to FIG. 3, if the elements and X8 form- to 1// in the decipher circuit lOB. 

mg part of the encryption key is arranged to transpose j^e elements x^ for the decryption key can be unani- 

Xn, so that the bit pattern of the cipher text S is S m the deciyption key can 

changed to "llOlll" By setting this bit pattern at the ^^^f^'^.Z^^ 

block r of FIG. 4 and performLg a deci^tion opera- ^^Sl^H^cf ^^-T'^P^" r 

tion, adecipheredmessage D tobe obtamed at the block Hn^ nn^t^^.^fi, of a message using ran- 

4' becomes **010110" whose bit pattern contains two ^5 numbers of the bit patterns of the elements have 

transposed lower bits of the bits mO and ml of the mes- ?^ desCTibed by way of example by using an irreduc- 

sagc M. From this, it can be understood that if the ele- prumtive polynomial in the Galois field GF(20. 

ments X? and X^ are transposed at the encipher circuit However, other polynomials whose elements have a 

side, the streams of bits x^ and x^ corresponding to the Penodical property shown by 

transposed bits m** and m 1 are arranged to be transposed ^ vs / 

in the decryption bit pattern matrix at the decipher ^^^^^ ' 

circuit side so as to decipher the cipher text into a cor- , , j 

rect original message. In particular, therefore, if the f^^^ ^ encryption and decryption 

elements X^ and X" are transposed at the encipher ^^l^^' ^® foUowmg relationship between 

circuit side, the decipher circuit side may prepare such ^5 and x^ is established: 

E+D-O (mod 5) (10) 



bit patterns whose bit streams x"* and x2 corresponding 
to the bits m^ and m^ are transposed. Thus, as the ar- 



rangement of elements forming an encryption key is i7„^u^^ „uv^ 1, • t. • j j • i_ . 

transposed at the encipher circuit side, cryptoanalys^i of ^ F^^ermore, although enciphermg and deciphenng 

the ciphertext illegally obtained during data transmis- 30 ^^en apphed to data transmission in the above 

sion becomes more difficult, thereby further improving embodunents, it is apparent that enaphering and deci- 

the security of data. phermg of the present mvention may also be adopted 

The random numbers (bit pattern) for enciphering protection of file data in a general computer system, 

and deciphering to be set in each shift register in the ^ claim: 

memory 1 can be supplied to each node from the data 55 1- ^ system for enciphering or deciphering i binary 

processor 30. da*^ comprising: 

In order to generate polynomial bit patterns serving means for temporarily storing input data to 

as random numbers, it is necessary for those persons at ^e enciphered or deciphered; 

the two nodes for data transmission to previously be second store means for storing a matrix formed by a 

informed of: an irreducible polynomial f(x) forming the 60 plurality of streams of i binary digit random num- 

basis of enciphering and deciphering the order E of a ^ers, each stream corresponding to a respective 

reference element used as part of the encryption key; digit of said first store means; and 

and the arrangement Ke of the encryption key. These output means for outputting a signal as encryption or 

information may be provided via another route other decryption data for said mput data, said signal 

than the above data transmission channel. 65 being obtained by performing mod 2 addition of 

FIG. 6 schematically shows an operation flow per- the streams of random numbers, among a plurality 

formed by the data processor 30 for effecting formation of streams stored in said second store means, which 

of encryption random numbers. Bit patterns necessary correspond to those digits of the input data store in 
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said first store means and having a "1" bit, said 
addition operation being performed independendy 
for each digit of said random numbers; 
wherein said plurality fo streams of random numbers 
to be stored in said second store means respectively ^ 
correspond to i element consecutive in power num- 
ber and selected from the (2^-1) elements of an i 
order irreducible primitive polynomial in the Oa- 
lois field GF(20. jq 
2. A system as set forth in claim 1, wherein if in en- 
cryption operation the polynomials stored as the ran- 
dom numbers in said second store means correspond to 
the elements to x^+'-i in a power form, then in 
decryption operation the polynomials stored as the 15 
random numbers in said second store means correspond 
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to the elements to x-^^^- * in a power form, wherein 
E-l-D-iO (mod 2^-1). 

3, A system as set forth in claim 1, wherein 

said second store means comprises i shift registers, 
each storing a stream of i digit random numbers; 

said first store means comprises an input register for 
outputting in parallel i digit input data; and 

said addition means comprises a plurality of AND 
circuit means provided for each digit of said input 
regbter for performing an AND between a one 
digit output from said input register and an output 
from said shift register corresponding to said one 
digit, and an adder for performing a mod 2 addition 
operation of the outputs from said plurality of 
AND circuit means. 
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